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ff* THE O/MMfr 

1 . (Currently Amended) A method in a data processing system for managing data 
attributes, the method comprising the steps of: 

registering attributes with a PKCS9 gateway class, wherein the attributes include 
user-defined attributes and PKCS-standard (Public Key Cryptography Standards) defined 
attributes; [[and]] 

associatively storing an identifier for each of the user-defined attributes and each 
of the PKCS-standard defined attributes; 

calling a first object-oriented method in the PKCS9 gateway class, wherein the 
first object-oriented method receives a parameter comprising an object identifier for an 
attribute : 

searching an attribute mapping data structure using tbe object identifier in the 
received parameter: 

in response to a determination of a matching object identifier in the attribute 
mapping data structure, retrieving a class identifier associatively stored with the matching 
object identifier in the attribute mapping data structure: and 

calling a second object-oriented method in a class identified bv the retrieved class 
identifier . 

2. (Canceled). 

3. (Canceled). 

4. (Currently Amended) A method in a data processing system for managing data 
attributes, the method comprising the steps of: 

invoking a first object-oriented method to process an attribute object, wherein the 
first object-oriented method is defined in an abstract class for attribute objects with a 
subclass for undefined attributes and a subclass for defined attributes, wherein the 
subclass for defined attributes is further comprised of a subclass for each PKCS-defined 
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(Public Key Cryptography Standards) attribute and a subclass for each user-defined 
attribute; 

invoking a second object-oriented method to process an attribute object, wherein 
the second object-oriented method is defined in a PKCS9 gateway class; and 

in response to invoking the first object-oriented method or the second object- 
oriented method, processing the result returned by the first object-oriented method or the 
second object-oriented method , wherein each defined attribute is registered with the 
PKCS9 gateway class, and where in the user-defined attributes are registered with the 
PKCS9 gateway class bv reading a configuration file when the PKCS9 gateway class is 
initially loaded . 

5. (Original) The method of claim 4, where a PKCS compatible attribute is a unique 
object identifier and value, as defined by the Abstract Syntax Notation (ASN.l) for the 
X.500 Attribute type. 

6. (Original) The method of claim 4, wherein each defined attribute is implemented 
as a separate class. 

7. (Canceled). 

8. (Currently Amended) The method of claim [[7]] 4, wherein PKCS-defined 
attributes are registered statically with the PKCS9 gateway class. 

9. (Canceled). 

1 0. (Original) The method of claim 4, wherein the second object-oriented method 
determines a type of the attribute object by performing an instanceof comparison to 
registered attributes. 

1 1 . (Original) The method of claim 4 f wherein the attribute object is constructed 
using a constructor method in a class associated with a PKCS-compatible attribute. 
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12. (Original) The method of claim 4 wherein, in response to determining an object 
identifier and a value associated with the object identifier and determining the object 
identifier is registered with the PKCS9 gateway class, the PKCS9 gateway class returns 
an instance of a registered attribute. 

13. (Original) The method of claim 4 wherein, in response to determining a DER- 
encoded byte stream with an object identifier, the second object-oriented method in the 
PKCS9 gateway class returns an instance of a PKCS-compatible attribute. 

1 4. (Original) The method of claim 13 wherein, in response to determining the object 
identifier from the DER-encoded byte stream is not registered with the PKCS9 gateway 
class, an instance of an undefined attribute is returned with the value being a DER- 
encoded byte stream. 

15. (Original) The method of claim 13 wherein, in response to determining the object 
identifier from the DER-encoded byte stream is registered with the PKCS9 gateway 
class, an instance of an attribute with the object identifier is returned* 

16. (Original) The method of claim 4, wherein a registered attribute object is encoded 
to a DER-encoded byte stream by using the first object-oriented method for encoding the 
attribute object. 

17. (Original) The method of claim 4, wherein a registered attribute object 
represented as a DER-encoded byte stream is decoded to an attribute object by using the 
second object-oriented method for decoding the attribute object. 

1 8. (Original) The method of claim 4, wherein a second object-oriented method in the 
PKCS9 gateway class extracts attribute values into forms, wherein the forms are strings, 
numbers, and/or other non-abstract data types 
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1 9. (Currently Amended) A data processing system for managing data attributes, the 
data processing system comprising: 

registering means for registering attributes with a PKCS9 gateway class, wherein 
the attributes include user-defined attributes and PKCS-standard (Public Key 
Cryptography Standards) defined attributes; 

storing means for associatively storing an identifier for each of the user-defined 
attributes and each of the PKCS-standard defined attributes; 

calling means for calling a first object-oriented method in the PKCS9 gateway 
class, wherein the first object-oriented method receives a parameter comprising an object 
identifier for an attribute: 

searching means for searching an attribute mapping data structure using the object 
identifier in the received parameter: 

retrieving means for retrieving, in response to a determination of a matching 
object identifier in the attribute mapping data structure, a class identifier associatively 
stored with the matching object identifier in the attribute manning data structure: and 

calling means for calli ng a second object-oriented method in a class identified bv 
the retrieved class identifier . 

20. (Canceled). 

21. (Canceled). 

22. (Currently Amended) A data processing system for managing Public Key 
Cryptography Standards (PKCS) compatible attributes, the data processing system 
comprising: 

first constructing means for constructing a new instance of an attribute object; 
first differentiating means for differentiating between attribute objects of different 

types; 

converting means for converting an instance of an attribute object to and/or from 
DER-encoding; 

first extracting means for extracting values associated with an attribute object; 
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extending means for extending a set of attributes with user-defined types; and 
first registering means for registering an attribute class with a PKCS9 gateway 

class; 

second registering means for registering a PKCS-compatible attribute is registered 
with the PKCS9 gateway class; 

third registering means for registering wherein user-defined attributes are 
registered with the PKCS9 gateway class bv reading a configuration file when the 
PKCS9 gateway class is initially loaded . 

23. (Original) The data processing system of claim 22 7 where a PKCS compatible 
attribute is a unique object identifier and value, as defined by the Abstract Syntax 
Notation (ASN.l) for the X.500 Attribute type. 

24. (Original) The data processing system of claim 22 further comprising: 

an abstract attribute object class with an undefined attribute object subclass and a 
defined attribute object subclass, wherein the defined attribute object subclass is further 
comprised of a subclass for each PKCS-defined attribute object and a subclass for each 
user-defined attribute object. 

25. (Original) The data processing system of claim 22 further comprising: 

second constructing means for constructing wherein a new instance of an attribute 
object using a class constructor. 

26. (Original) The data processing system of claim 22 further comprising: 

third constructing means for constructing a new instance of a PKCS-compatible 
attribute object is constructed using the PKCS9 gateway class if an attribute object 
identifier and a class implementing that attribute arc registered. 

27. (Original) The data processing system of claim 22 further comprising: 

fourth constructing means for constructing a new instance of a PKCS-compatible 
attribute object using the PKCS9 gateway class based on a DER-encoded byte stream. 
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28. (Original) The data processing system of claim 22 further comprising: 
second differentiating means for differentiating a type for an attribute object 

determined by performing an instanceof comparison to registered attribute classes., 

29. (Original) The data processing system of claim 22 further comprising: 
encoding means for encoding an attribute object to a DER-encoded object by 

using an encode method of the attribute object, 

30. (Original) The data processing system of claim 22 further comprising: 
decoding means for decoding an attribute object represented as a DER-encoded 

string to an attribute object by using a decode method of the attribute object. 

3 1 . (Original) The data processing system of claim 22 further comprising: 

second extracting means for extracting the PKCS9 gateway class returns attribute 
values, wherein the values arc represented as strings, numbers, and/or other non-abstract 
data types, 

32. (Canceled). 

33. (Currently Amended) The data processing system of claim [[32]] 22 further 
comprising: 

[[third]] fourth registering means for registering an attribute defined by the Public 
Key Cryptography Standards is registered with the PKCS9 gateway class. 

34. (Canceled). 

35. (Currently Amended) A computer program product in a computer-readable 
medium for use in a data processing system for managing data attributes, the computer 
program product comprising: 
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first instructions for registering attributes with a PKCS9 gateway class, wherein 
the attributes include user-defined attributes and PKCS-staudand (Public Key 
Cryptography Standards) defined attributes; 

second instructions for associatively storing an identifier for each of the user- 
defined attributes and each of the PKCS-standard defined attributes; 

instructions for calling a first object-oriented method in the PKCS9 gateway class, 
wherein the object-oriented method receives a parameter comprising an object identifier 
for an attribute; 

instructions for searching an attribute mapping data structure using the object 
identifier in the received parameter: 

instructions for retrieving, in response to a determination of a matching object 
identifier in the attribute mapping data structure, a class identifier associatively stored 
with the matching objec t identifier in the attribute mapping data structure: and 

instructions for calling a second object-oriented method in a class identified bv 
the retrieved class identifier . 

t 

36. (Canceled). 

37. (Canceled). 

38. (Currently Amended) A computer program product on a computer-readable 
medium for use in a data processing system for managing Public Key Cryptography 
Standards (FKCS) compatible attributes, the computer program product comprising: 

instructions for constructing a new instance of an attribute object; 
instructions for differentiating between attribute objects of different types; 
instructions for converting an instance of an attribute object to and from DER- 
encoding; 

instructions for extracting values associated with an attribute object; and 
instructions for extending a set of attributes with user-defined types; and 
instructions for registering an attribute class with a PKCS9 gateway class, 
wherein a PKCS-compatible attribute is registered with the PKCS9 gateway class, 
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and 

wherein user-defined attributes are registered with the PKCS9 gateway class bv 
reading a configuration file when the PKCS9 gateway class is initially loaded . 

39. (Original) The computer program product of claim 38, where a PKCS compatible 
attribute is a unique object identifier and value, a$ defined by the Abstract Syntax 
Notation (ASR 1 ) for the X.500 Attribute type. 

40. (Original) The computer program product of claim 38, wherein 

an abstract attribute object class with an undefined attribute object subclass and a defined 
attribute object subclass, wherein the defined attribute object subclass is further 
comprised of a subclass for each PKCS-defmed attribute object and a subclass for each 
user-defined attribute object. 

41 . (Original) The computer program product of claim 38, wherein a new instance of 
a PKCS-compatible attribute object is constructed using a class constructor. 

42. (Original) The computer program product of claim 38, wherein a new instance of 
a PKCS-compatible attribute object is constructed using the PKCS9 gateway class if an 
attribute object identifier and a class implementing that attribute is registered. 

43. (Original) The computer program product of claim 38, wherein a new instance of 
a PKCS-compatible attribute object is constructed using the PKCS9 gateway class based 
on a DER-encoded byte stream . 

44. (Original) The computer program product of claim 38, wherein a type for an 
attribute object is determined by performing an instanceof comparison to registered 
attribute classes. 

45. (Original) The computer program product of claim 38, wherein an attribute object 
is encoded to a DER-encoded object by using an encode method of the attribute object. 
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46. (Original) The computer program product of claim 38, wherein an attribute object 
represented as a DER-encoded string is decoded to an attribute object by using a decode 
method of the attribute object. 

47. (Original) The computer program product of claim 38, wherein the PKCS9 
gateway class returns attribute values, wherein the values are represented as strings, 
numbers, and/or other non-abstract data types. 

48. (Canceled). 

49. (Currently Amended) The computer program product of claim [[48]] 38, wherein 
an attribute defined by the Public Key Cryptography Standards is registered with the 
PKCS9 gateway class. 

50. (Canceled). 
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